we created a cookbook locally on the computer with the command: knife create cookbook web in powershell, and we want to upload it to the chef server with command: knife cookbook upload web and it gives us an error:ERROR: Failed to authenticate to https://api.chef.io/organizations/e_t as e_t with key C:/chef-repo/.chef/e_t.pem Response: Invalid signature for user or client 'e_t' , what is the problem??? thank you in advance
Maybe this will help: Chef node configuration issue with knife bootstrap- can't authenticate with server
Are sure your pem file is valid?
take a look at the chef docs about public/private keys:
Related
I am working on a clients project and they have Magento installed on their EC2 instance, in order to ssh into it I need to have the pem file that was generated at the time of setting the key-pair. However I am not able to receive the pem file from their end and I am instead looking for a way to download the existing one. Is it even possible? Or do I create a new key-pair.
I wrote an article about Alibaba SSH Keypairs. If the keypair has been lost, you can replace it if you have Alibaba Cloud credentials (AccessKey and AccessKeySecret). This link to my article goes into specific details.
Alibaba Cloud SSH & ECS KeyPairs
The following commands require that the Alibaba Command Line CLI (aliyuncli) is installed and setup. I would backup (snapshot) the system before making the following changes.
This command will create a new Keypair called "NewKeyPair"
aliyuncli ecs CreateKeyPair --RegionId us-west-1 --KeyPairName NewKeyPair
This command will replace the current keypair with NewKeyPair (Windows syntax).
aliyuncli ecs AttachKeyPair --InstanceIds "[\"i-abcdeftvgllm854abcde\"]" --KeyPairName NewKeyPair
No, you can't download existing key. In order to connect to the server via ssh, you need the key which is generated at the time of server development. You can ask your clients for the key.
I'm getting this error when trying to configure the knife plugin for Chef in an Ubuntu 14.04 instance on Google Cloud Platform. Any ideas on how to fix this?
FATAL: Cannot find subcommand for: 'osc_user configure -i'
There are 2 VMs - one is the chef-server and the other the chef-workstation, both are the same OS.
Source :- https://cloud.google.com/solutions/google-compute-engine-management-puppet-chef-salt-ansible-appendix#getting-started-with-chef-on-compute-engine
Chef-server VM IP - https://35.227.106.170/
Chef-workstation VM IP - https://35.231.42.82/
Here is the console log:
anjalithomas_mec#chef-workstation:~/.chef$ knife configure -i # server: https://[server's external IP address]:443, cookbook_path = ~/chef-repo
Please enter the chef server URL: [https://chef-workstation.c.chef-gcp-195115.internal/organizations/myorg] https://35.227.80.216
Please enter a name for the new user: [anjalithomas_mec] any
Please enter the existing admin name: [admin]
Please enter the location of the existing admin's private key: [/etc/chef-server/admin.pem]
Overwrite /home/anjalithomas_mec/.chef/credentials?? (Y/N) Y
Creating initial API user...
Please enter a password for the new user:
WARNING: IF YOU ARE USING CHEF SERVER 12+, PLEASE FOLLOW THE INSTRUCTIONS
UNDER knife user create --help.
You only passed a single argument to knife user create.
For backwards compatibility, when only a single argument is passed,
knife user create assumes you want Open Source 11 Server user creation.
knife user create for Open Source 11 Server is being deprecated.
Open Source 11 Server user commands now live under the knife osc_user namespace.
For backwards compatibility, we will forward this request to knife osc_user create.
If you are using an Open Source 11 Server, please use that command to avoid this warning.
NOTE: Backwards compatibility for Open Source 11 Server in these commands will be removed
in Chef 15 which will be released April 2019.
FATAL: Cannot find subcommand for: 'osc_user configure -i'
Looks like it's an open issue with no fix yet:
chef client - error during Knife configure -i #4814
https://github.com/chef/chef/issues/4814
i cant connect to my application on openshift using rhc command
here is what i get when trying to connect
C:\Users\soulhiS>rhc ssh myapp
DL is deprecated, please use Fiddle
RSA 1024 bit CA certificates are loaded due to old openssl compatibility
Connecting to 56e736655650001b4#myapp-mydomain.rhcloud.com ...
Using username "56e736655650001b4".
FATAL ERROR: Disconnected: No supported authentication methods available(server sent: publickey,gssapi-keyex,gssapi-with-mic)
Make sure that your ssh key is accessible (run the command line as administrator, if needed) and it is the one OpenShift expects - i.e. check that a corresponding public key is uploaded to OpenShift. For uploading your public ssh key to OpenShift, you can run rhc setup.
I am using chef dk version 12 and i have done basic setup and uploaded many cookbooks , currently i am using remote_directory in my default.rb
What i have observed is whenever there are too many files /hierarchy in the directory the upload fails with the below exception :-
ERROR: SSL Validation failure connecting to host: xyz.com - SSL_write: cert already in hash table
ERROR: Could not establish a secure connection to the server.
Use `knife ssl check` to troubleshoot your SSL configuration.
If your Chef Server uses a self-signed certificate, you can use
`knife ssl fetch` to make knife trust the server's certificates.
Original Exception: OpenSSL::SSL::SSLError: SSL_write: cert already in hash table
As mentioned earlier connection to server isnt a problem it happens only when there are too many files/the hierarchy is more .
Can you please suggest what i can do? I have tried searching online for solutions but failed to get a solution
I have checked the question here but it doesnt solve my problem
Chef uses embedded ruby and openssl for people not working with chef
Some updates on suggestion of tensibai,
The exceptions have changed since adding the option of --concurrency 1 ,
Initially i had received,
INFO: HTTP Request Returned 403 Forbidden:ERROR: Failed to upload filepath\file (7a81e65b51f0d514ec645da49de6417d) to example.com:443/bookshelf/… 3088476d373416dfbaf187590b5d5687210a75&Expires=1435139052&Signature=SP/70MZP4C2UdUd9%2B5Ct1jEV1EQ%3D : 403 "Forbidden" <?xml version="1.0" encoding="UTF-8"?><Error><Code>AccessDenied</Code><Message>Access Denied</Message>
Then yesterday it has changed to
INFO: HTTP Request Returned 413 Request Entity Too Large: error
ERROR: Request Entity Too Large
Response: JSON must be no more than 1000000 bytes.
Should i decrease the number of files or is there any other option?
Knife --version results in Chef: 12.3.0
Should i decrease the number of files or is there any other option?
Ususally the files inside a cookbook are not intended to be too large and too numerous, if you got a lot of files to ditribute it's a sign you should change the way you distribute thoose files.
One option could be to make a tarball, but this makes harder to manage the deleted files.
Another option if you're on an internal chef-server is to follow the advice here and change the client_max_body_size 2M; value for nginx but I can't guarantee it will work.
I had same error and i ran chef-server-ctl reconfigure on chef server then tried uploading cookbook again and all started working fine again
I have installed Chef server on One Physical Linux node successfully,
Now i am trying to install chef-client on the other Linux VM,
Unfortunately i am getting below error.
ERROR: Your private key could not be loaded from /etc/chef/webui.pem
Check your configuration file and ensure that your private key is readable
so copied the webui.pem from chef server to Linux Client
tried to execute knife client List
ERROR: Failed to authenticate to http://xxx.xxx.xxx.xxx:4000 as admin with key /etc/chef/webui.pem
Response: Failed to authenticate. Ensure that your client key is valid.
To use knife you need to be logged in as an admin user. Either copy down the servers admin.pem key or better still create a new admin user and use its key.
Another thing to fix is make sure the node_name used to login matches the key you're using. (The error message suggests you're using "admin"):
node_name 'myuser'
client_key '/home/me/.chef/keys/myuser.pem'